HTTP Headers Analysis for https://app.upwave.com

Detected Technologies from Headers

See all in URL Inspect 21

AWS CloudFront

Ably

Amazon S3

Bugsnag

Cloudflare CDNJS

CSVBox

Datadog

Facebook

Front

Fullstory

Google Analytics

Google DoubleClick

Google Fonts

Google Tag Manager

HubSpot

HubSpot Analytics

Okta

Optimizely

Report URI

Segment

Sentry

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Good

script-src; style-src; img-src; +6 more Analyze

Content-Security-Policy-Report-Only

Missing

Not configured Analyze

X-Frame-Options

Excellent

DENY

X-Content-Type-Options

Good

nosniff

Referrer-Policy

Good

strict-origin-when-cross-origin

Permissions-Policy

Present

geolocation=(), microphone=(), camera=()

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Strengthen CSP by removing 'unsafe-eval'

Performance Headers

Accept-Ranges

Performance

bytes

Connection

Performance

close

accept-ranges: bytes
connection: close

Caching Headers

Cache-Control

Caching

no-cache, must-revalidate, max-age=0

Etag

Caching

"9d6ef7f0f0fee20e14fc3c51a0c91f05"

Last-Modified

Caching

Tue, 05 May 2026 16:36:57 GMT

cache-control: no-cache, must-revalidate, max-age=0
etag: "9d6ef7f0f0fee20e14fc3c51a0c91f05"
last-modified: Tue, 05 May 2026 16:36:57 GMT

Content Headers

Content-Length

Content

1205

Content-Type

Content

text/html; charset=utf-8

content-length: 1205
content-type: text/html; charset=utf-8

Server Headers

Server

AmazonS3

server: AmazonS3

CORS Headers

No CORS headers found

Cookies Headers

No cookies headers found

Other Headers

Date

Other

Thu, 07 May 2026 09:32:28 GMT

Report-To

Other

Group default max-age: 52w

Endpoint 1 https://upwave.report-uri.com/a/d/g

Via

Other

1.1 3eb529bb0846d8c00cf9b383bea0278e.cloudfront.net (CloudFront)

X-Amz-Cf-Id

Other

VqtgnNvyg04XF6ubksrz9_MfD6tTO4IgOAp8hU3RRVES_d7LXq_9tA==

X-Amz-Cf-Pop

Other

IAD61-P7

X-Amz-Server-Side-Encryption

Other

AES256

X-Cache

Other

Miss from cloudfront

date: Thu, 07 May 2026 09:32:28 GMT
report-to: {"group":"default","max_age":31536000,"endpoints":[{"url":"https://upwave.report-uri.com/a/d/g"}],"include_subdomains":true}
via: 1.1 3eb529bb0846d8c00cf9b383bea0278e.cloudfront.net (CloudFront)
x-amz-cf-id: VqtgnNvyg04XF6ubksrz9_MfD6tTO4IgOAp8hU3RRVES_d7LXq_9tA==
x-amz-cf-pop: IAD61-P7
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront

Recommendations

Enable compression (gzip/brotli) to improve performance